syslog server receives logs from remote device
Is there anyone knows how to configure syslog server to receive remote device logs?
I have 1 wireless router gateway which is have an option to store it logs to syslog server.
I already configure the device to point to my syslog server IP address.
I believe I need to edit the syslog.conf file.
I already added 1 line in the bottom of the syslog.conf file
What are the steps I need to configure in the syslog server in order to receive all the logs from my wireless router gateway?
Appreciate if there is anyone could help me.
See for instance http://www.linuxhomenetworking.com/linux-hn/logging.htm.
Some notes to go with that:
On the host that *receives* logs:
- check if you need to separate logs by IP or name or use TCP instead of UDP (replace Syslogd with Syslog-NG or RSyslog),
- check if you need more secure logging over SSL (install Stunnel on both sides),
- check 'man syslogd' for needing '-l' or '-s',
- check your firewall contains an appropriate line for host(s) allowed access to syslogd ('getent services syslog'),
- check your /etc/hosts.deny contains the 'ALL: ALL' line if you need strict access controls,
- check your /etc/hosts.allow contains an appropriate line for host(s) allowed access to syslogd.
On the host that *sends* logs:
- check your firewall contains an appropriate line for outbound access to the syslogd host,
- use 'logger' with an appropriate facility + priority combo to generate a test message or wait aeons for one to show up on the loghost.
There is no firewall between. The remote device is the gateway of my syslog. It should be manage to push all the logs to the syslog server.
I believe the syslog server has to know the logs is collect from which remote device(IP address)
I need to log all logs from the remote device in the below log file.
Can anyone give some idea?
Appreciate if someone can help on.
Try starting the syslogd server on the remote device with the "-r" option.
in your syslog.conf, put
|All times are GMT -5. The time now is 04:30 PM.|